Upload
sikiru-salami-aca-acsi
View
647
Download
0
Embed Size (px)
DESCRIPTION
Citation preview
DEPLOYING RISK MANAGEMENT IN SME MANAGEMENT
Sikiru SALAMI ACA, ACSI
ICANPROFESSIONAL YAHOOGROUP
Entrepreneurship Seminar
OPENING QUOTE:
■ And the struggling pharmaceutical SME failed
■ How a fledgling Audit Firm put its owners in BIG TROUBLE
CASE STUDIES ON RISK
MGT FAILURES
Why Small Businesses Crumble So Soon
What is it about RISK?
Risk as a cause – e.g. fire, theft, fraud
Risk as a likelihood – probability of occurrence
Risk as an object – the objects that constitute the risk, e.g., factory, aircraft, ship, young male drivers
Risk as an action – taking a risk by doing something or not doing something
Risk is a condition in which there is a possibility of an adverse deviation from a desired outcome that is expected
Risk is all pervasive of all human endeavour
SCARED OF RISK?
RISKS FACING SMALL BUSINESSES
TYPES OF RISK
Credit Risk: The risk of loss arising from loan default or unpaid account receivables
Operational Risk: The risk of loss resulting from inadequate or failed policy, processes and systems or from external events
Market Risk: The risk of loss resulting from adverse movements in the market prices, interest rate, equities, commodities, or currencies.
Liquidity Risk: The risk of loss to an entity arising from its inability to meet its obligations as they fall due.
Legal Risk: The risk of loss arising from inability to enforce a contract against a counterparty, or unfavourable legal proceedings.
Compliance Risk: The Risk of loss arising from breach of regulatory requirements
Strategic Risk, Reputational Risk etc.
TYPES OF RISK (cont’d)
Enterprise Risk Management (ERM)
ERM deals with risks and opportunities affecting value creation or preservation
ERM “is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.”
Source: COSO Enterprise Risk Management– Integrated Framework. 2004. COSO.
COMPONENTS OF ERM FRAMEWORK
Benefits of ERM Implementation
Aligning risk appetite and strategy
Enhancing risk response decisions
Reducing operational surprises and losses
Improving overall risk rating
Improving deployment of capital
Complying with regulatory changes
Improving shareholder value
Facilitating long term survival
Risk Assessment Process
Identify relevant business objectives.
Identify events that could affect the achievement of
objectives.
Determine risk tolerance.
Assess inherent likelihood and impact of risks.
Evaluate the portfolio of risks and determine risk
responses.
Assess residual likelihood and impact of risks.
Risk Assessment (Cont’d)
Risks are analyzed, considering likelihood and impact, as a basis for determining how they should be managed
Risks are assessed on an inherent and a residual basis.
RISK MAP
“Risk = (Probability of event occurring) X (impact of event occurring)”
5 LOW MED HIGH EXT EXT 4 LOW MED HIGH HIGH EXT 3 LOW MED MED HIGH HIGH 2 LOW LOW MED MED MED 1 LOW LOW LOW LOW LOW
LIKELIHOOD 1 2 3 4 5 CONSEQUENCE
L x CScore 0 - 5 = LowScore 6 - 10 = MediumScore 12 - 16 = HighScore 20 - 25 = Extreme
Risk Response Actions
Accept = monitor
orAvoid = eliminate (get out of the situation)
▪ Mitigate = institute controls
▪ Share = partner with someone (e.g. insurance)
▪ Residual risk (unmitigated risk)
Business Continuity Planning (BCP)
BCP is a roadmap for continuing operations under adverse conditions such as fire incident, server crash etc.
Important documents should be duly protected with a back up facility and kept in an offsite facility.
KSF for an Effective ERM Implementation
Implementation Challenges
Concluding Quote“For firms to succeed in this increasingly global
and competitive marketplace, risk management
must become a state of mind. A systematic and
proactive enterprise-wide approach to managing
risks is essential to making risk management an
integral part of the company’s DNA”
-NURAG SAKSENA –CRO, Freddie Mac
“There are risks and costs to a programme of
action; but they are far less than the long
range risks and costs of comfortable
inaction”
-John F. Kennedy